Log in

View Full Version : Malware Analysis and Unpacking Forum

Pages : 1 [2] 3 4 5 6 7 8 9
  1. 【Help】Please analyze the code (2 replies)
  2. How to solve this trick ? (12 replies)
  3. How to unpack this? (8 replies)
  4. Unpacking WinLicense (17 replies)
  5. found: Practical Malware Analysis (1 replies)
  6. Orer AKA W32/Hunk.a (0 replies)
  7. Very suspicious packed file (13 replies)
  8. Fake crackme on crackmes.de? (10 replies)
  9. Unpack securom 5.00.03 (21 replies)
  10. Yoda's Crypter 1.2 (13 replies)
  11. VM detection via VERR/VERW (13 replies)
  12. Example for nice custom obfuscation (7 replies)
  13. To start with malwares (8 replies)
  14. WORM/Nuj.A.124 - Something to play with... (0 replies)
  15. Debugged program unable to process exception (10 replies)
  16. help: packer identification (10 replies)
  17. PC Guard (9 replies)
  18. Strange section within EXE (3 replies)
  19. Packed sdbot variant (14 replies)
  20. SWF Encrypt (Flash 'obfuscator') hacking (30 replies)
  21. Who is working for an AV company? (12 replies)
  22. winlogon (14 replies)
  23. Quick Unpack v1.0 final (1 replies)
  24. Change file to work right (1 replies)
  25. possibble rootkit kdjfq.exe (3 replies)
  26. Malware (packed, polymorphic) dll. Pecompact 2.xx? (9 replies)
  27. the drivers are peed or wincom32 probably but the exe isnt detected by norton (11 replies)
  28. Article: "Stealth for Survival: Threat of the Unknown" (0 replies)
  29. AsProtect 2.2. Help with find OEP (4 replies)
  30. Recently appeared virus supposed to be from the German BKA :) (23 replies)
  31. Unwrapping PACE Interlok v5.5.0.2618 (7 replies)
  32. Malware fight (22 replies)
  33. Suspicious file - Can't unpack (8 replies)
  34. Me code write good: The l33t skillz of the virus writer (71 replies)
  35. Capture, care and analysis of Malware made easy (4 replies)
  36. PE GRUM Virus and Some Search Engine Poisoning malware (7 replies)
  37. a nice paper on a trojan/malware (3 replies)
  38. Another trojan I couldn't identify the packer (7 replies)
  39. Another strange packer (2 replies)
  40. Strange Packer (5 replies)
  41. arma's processes (4 replies)
  42. Armadillo + other protections... (6 replies)
  43. Malware and Virtual Environments (3 replies)
  44. Old Stuff (2 replies)
  45. 2 malware video tutorials by Fifo (16 replies)
  46. Norwegian Bank Malware Analysis (0 replies)
  47. BIOHAZARD bags (0 replies)
  48. Malware analysis: Nailuj sys file (6 replies)
  49. Malware Forum RULES (3 replies)
  50. Ways to detect the difference between a packed and unpacked exe in memory (8 replies)
  51. Arma is breeding like a rabbit! (4 replies)
  52. Quality of WinLicense (2 replies)
  53. Malware Analysis: "Skype" Trojan (6 replies)
  54. Role of Imprec (7 replies)
  55. OVERLAY (1 replies)
  56. A new software protection method (Objantihack) (8 replies)
  57. Odd problem with Acudata (0 replies)
  58. SafeDisc 4.60 and on... (7 replies)
  59. HASP DOS Envelope (0 replies)
  60. re-write a MemoHasp-1 memory (0 replies)
  61. .NET dump (2 replies)
  62. armadillo I think, date check (5 replies)
  63. unknown packer / nice anti-olly trick (2 replies)
  64. Symbian 9.x ... how to decompress ?! (7 replies)
  65. Problem with Custom Armadillo Implentation (13 replies)
  66. [ARTeam] HASP SL - A Deeper Dig by potassium (6 replies)
  67. Packing / unpacking of Flash SWF files (yes, really!) (29 replies)
  68. Strange Packer (11 replies)
  69. 100% Unpacking Flash's tuts (8 replies)
  70. safedisc problem (27 replies)
  71. PECompact v1.67 Delphi DLL (9 replies)
  72. FSG 2 and Delphi... (0 replies)
  73. Another unknown (11 replies)
  74. Yoda's Protector 1.3 (17 replies)
  75. Themida - VirtualAllocMemory of four bytes (5 replies)
  76. WIBU WkbCrypt2 (WITH dongle) (77 replies)
  77. HardLock Envelope unpacking (WITH dongle) (19 replies)
  78. Merging Imports with Exports? (4 replies)
  79. Safedisc dump (8 replies)
  80. Updating a Wise installation package (1 replies)
  81. How to extract a Install Shield 10.5 project (9 replies)
  82. Extracting java classes from exe ? (9 replies)
  83. SerialShield (2 replies)
  84. Code to find IAT (9 replies)
  85. Having trouble with an ARTtut.....arma related (18 replies)
  86. ASProtect 2.1x SKE (3 replies)
  87. Looking for the following tuturials (7 replies)
  88. ARTeam: TheMida_defeating_ring0_by_deroko (25 replies)
  89. What the heck is this (25 replies)
  90. Unpacking question (13 replies)
  91. Can't get the Import table right (3 replies)
  92. Help ACProtect (2 replies)
  93. help on asprotect (4 replies)
  94. unpacking pcguard registred app if you have a working serial!!! (2 replies)
  95. Unpacking Softwrap with .locked and .sw2 (5 replies)
  96. Problem identifying packer/encypter (22 replies)
  97. Execryptor (old versions) WANTED!!! (1 replies)
  98. Pe Section Table - How To Get Large Gaps Between Sections? (12 replies)
  99. New [ARTEAM] Tutorials (2 replies)
  100. Armadillo V4.0-V4.4.Standard.Protection UnPacK Script (8 replies)
  101. MSLRH V0.32 + MSLRH V0.32a UnPacK Script (8 replies)
  102. Z3NMiDA - Project (4 replies)
  103. using imprec problem (4 replies)
  104. New site dealing with packers (0 replies)
  105. Unpacking AsPack Problem Help need (18 replies)
  106. Looking for a GOOD packer/crypter (9 replies)
  107. what is this packer? (11 replies)
  108. Need help with Armadillo. (0 replies)
  109. Unusual UPX activity (8 replies)
  110. Armadillo 3.x - Related to Serial Registration (12 replies)
  111. Unpacking Armadillo 1.8 (I think) (16 replies)
  112. Xitech KONxiSE v1.0 - v1.1 (0 replies)
  113. Unknown packer (sorry) (7 replies)
  114. Article on Execryptor 2.2.50 (14 replies)
  115. Making own compressor... (3 replies)
  116. Yet another Armadillo question (2 replies)
  117. Armadillo, compendio de - season 2 (12 replies)
  118. pc guard 4.15 unpacking help needed (0 replies)
  119. Unfamiliar packer (0 replies)
  120. Unpacking sound files?? (6 replies)
  121. What is Armadillo CC meaning? (2 replies)
  122. PACE interlok TPKD anti-debug tricks (5 replies)
  123. Why i can't break at WaitForDebugEvent (2 replies)
  124. [ARTeam] Writing Loaders for Dlls: theory and techniques (0 replies)
  125. Armadillo 3.xx on a strange Target (4 replies)
  126. [ARTeam] New tutorial (0 replies)
  127. [ARTeam] Unpacking.ActiveMark.v5.x.Advanced.Part2 (3 replies)
  128. ASProtect 1.23 RC4 - 1.3.08.24 PROBLEM (16 replies)
  129. .net app help me (2 replies)
  130. Gleam v1.00 (3 replies)
  131. Exeshield with a .net app (10 replies)
  132. UPX Help (9 replies)
  133. Problem after removing HASP envelope (9 replies)
  134. Armadillo Help (15 replies)
  135. Asprotect SKE 2 Advanced import protection rebuilder + tutorial (8 replies)
  136. [ARTeam] Unpacking.ActiveMark.v5.x.Basic.Part1 (4 replies)
  137. Asprotect SKE 2.11 unpacking tutorial (2 replies)
  138. Little help with execryptor (8 replies)
  139. files .INX (1 replies)
  140. AKIRA AGAINST THEMIDA (18 replies)
  141. Delphi App PEiD Entropy : 7.21 (Packed) (10 replies)
  142. WsaStartUp (3 replies)
  143. The return OF AKIRA to crackslatinos with a big tut XTREME PROTECTOR (1 replies)
  144. Need Help in IAT Fixing on an Armadillo Protected App (11 replies)
  145. bp on CreateThread in armadillo 3.6 not breaking (4 replies)
  146. MoleBox v2.3 Pro Unpacking (1 replies)
  147. Armadillo version unknown (8 replies)
  148. Protecting software code by Guards (27 replies)
  149. Clipper packer : noclip41 (0 replies)
  150. Aspr dump problem (7 replies)
  151. PE Hardlock (1 replies)
  152. armadillo DUMPING problem (7 replies)
  153. asprotect 2.0 inline patching with asprapi (9 replies)
  154. Acprotect help whit bad jumps. (2 replies)
  155. problem running unpacked file (6 replies)
  156. starforce 3 question (6 replies)
  157. Armadill0 4.05 or 4.10 (28 replies)
  158. ACI 2005 (C) [Armadillo Code Injection] (28 replies)
  159. sentinel (1 replies)
  160. Identifying a packer, PEiD/TrID fail (34 replies)
  161. New Vbox Name HASP SL (0 replies)
  162. dillo fingerprints :( :( :( :( :( (0 replies)
  163. how to identify if a file is packed more than once? (1 replies)
  164. Unpacking some packers VIII (2 replies)
  165. PE packer identification and Anti-Ollydbg (1 replies)
  166. unknown armadillo (20 replies)
  167. armadillo nanomites (0 replies)
  168. SoftWrap 6.1.1 unpacking tuts (3 replies)
  169. Anti Debugging ? ? (8 replies)
  170. Execryptor (28 replies)
  171. Suspending a riot process..how? (4 replies)
  172. ARMADILLO 3.78 HELP NEEDED (10 replies)
  173. ASProtect 1.3 Problem (2 replies)
  174. decrypt decompile precompiled resources (3 replies)
  175. armadillo unpacking problem (1 replies)
  176. Need help figuring out code from unpacker. (12 replies)
  177. How to unpack an ASProtected .dll? (2 replies)
  178. +Splaj Awave tutorial revisited. (11 replies)
  179. Trouble with Unpacking Crypkey 5.6 (13 replies)
  180. Automated Imports Reconstruction (6 replies)
  181. unpack hasp enveloped file (0 replies)
  182. the new packer (8 replies)
  183. Ollybug (5 replies)
  184. Unpacking help - possible armadillo (4 replies)
  185. NEOLITE 2.0 UNPACK (8 replies)
  186. asprotect 2.0x working tut? (17 replies)
  187. Honeynet RE challenge (28 replies)
  188. Indentifing Armadillo version & unpacking (1 replies)
  189. ASPR IAT (0 replies)
  190. ASPACK problems with DLL (relocations?) (3 replies)
  191. Star Force 3.3 Cracked! (4 replies)
  192. Hard Objetive!! (0 replies)
  193. ActiveMa** unpacking (11 replies)
  194. Installshield 7 exe fun (13 replies)
  195. How to repack a file (4 replies)
  196. Wrapper question (2 replies)
  197. More Armadillo Stuff (2 replies)
  198. SafeDisc 2/3 IAT Rebuilding (4 replies)
  199. A strip of code in the an UnpackFile (2 replies)
  200. What is the sentence mean? (4 replies)
  201. Vbox 4.6.2 confusion (30 replies)
  202. Fool PEiD (6 replies)
  203. Why the program crashed (7 replies)
  204. another aspr question (5 replies)
  205. Aspack 2.12? Maybe... (3 replies)
  206. Powerfull tool to successfully unpack (7 replies)
  207. Sticked in by the debugging loop (3 replies)
  208. I can't find the OEP (2 replies)
  209. Sentinel Super Pro Shelled files problem (5 replies)
  210. Why remove my thread? (2 replies)
  211. PKLITE32 1.1's signature (2 replies)
  212. what fuction of this code be done (3 replies)
  213. Vbox 4.6.2[Im stuck] please help (14 replies)
  214. Is the code at wrong direction? (2 replies)
  215. QuickUnpack DLL release (2 replies)
  216. how to get the point of the CONTEXT STRUCT (4 replies)
  217. a SEH CONTEXT' Question (1 replies)
  218. Is it possible! (5 replies)
  219. Aramadillo 3.0-3.6 (3 replies)
  220. Unknown packer (0 replies)
  221. Unpacking Vbox (7 replies)
  222. "General extraction error", the hidden face of armadillo? (17 replies)
  223. IAT Rebuilding of a safecasted dll (2 replies)
  224. Installshield self extracting-exe ...possible? (0 replies)
  225. problems with a program protected by aspack + aspr (3 replies)
  226. Sentinel SuperPro: IDA sigs, function #'s, & shell (2 replies)
  227. Windows NT System-Call Hooking (3 replies)
  228. Interlok v5 exploration... (3 replies)
  229. Sentinel SuperPro Emulator (24 replies)
  230. Unpacking Execrytor (7 replies)
  231. CrypKey 6.0 for Newbie? (8 replies)
  232. Coding ASPACK dumper (4 replies)
  233. Seems like Arma detects virtual PCs.. (7 replies)
  234. Aspr Exception Handler Emulation notes (2 replies)
  235. Nice trick to hide Olly to most controls.. (17 replies)
  236. Wibu dongle unpacking (13 replies)
  237. question about armadillo packed dll & IAT (4 replies)
  238. Safedisc (v1) and ollydbg (2 replies)
  239. Microsoft C# and Basic .NET (3 replies)
  240. new aspr 1.31 un-dumpable? (16 replies)
  241. inline patching asprotect (5 replies)
  242. MFVDasm, Softlockx, and Bitarts PHASE1 (could use some help :-) (0 replies)
  243. Delphi dumped apps (16 replies)
  244. PC-Guard 5.0's code XORing (2 replies)
  245. Import Table: Working with IAT, ImpRec (4 replies)
  246. Nasty Nag removal (12 replies)
  247. Protection plus (1 replies)
  248. ocx unpack header? (16 replies)
  249. Unpacking Neolite 2 (exe, dll) (3 replies)
  250. Armadillo is down... (2 replies)